Millions of Time Warner Cable Customer Records Exposed in Third-Party Data Leak

About four million Time Warner Cable records containing details of its customers were found unsecured on an Amazon server last month, tech website Gizmodo reported on Friday. From a report: The files, more than 600GB in size, were discovered on August 24 by the Kromtech Security Center while its researchers were investigating an unrelated data breach at World Wrestling Entertainment. Two Amazon S3 buckets were eventually found and linked to BroadSoft, a global communications company that partners with service providers, including AT&T and TWC. The 4 million TWC records are not all tied to unique customers, meaning 4 million individual people were not exposed by the breach. Due to the sheer size of the cache, it was not immediately clear precisely how subscribers were affected. The leaked data included usernames, emails addresses, MAC addresses, device serial numbers, and financial transaction information -- though it does not appear that any Social Security numbers or credit card information was exposed.

Your privacy is EXTREMELY important to us

[FrankHaynes]

Your information is only shared with our Trusted Partners ®

What could possibly go wrong??

I think credit card was exposed!

[Spy+Handler]

it does not appear that any Social Security numbers or credit card information was exposed

Earlier this month I switched to paperless billing for my Time Warner cable account. Two weeks ago I paid my bill online with a credit card for the first time.

Lo and behold, a fraudulent charged appeared on my statement last week! Someone bought some stuff from Neiman Marcus and had it shipped to Florida. (I live on the other side of the continent)

I was wondering where the security breach of my credit card was coming from, this makes me think it was Time Warner.

This is getting really frustrating

[sarbonn]

The part that really bothers me is that no matter how much work I do, how much security I try to add to my own systems, I'm still subject to the stupidity of companies that I do business with, and usually they're companies that I don't really have a choice about whether or not to do business with them (unless I wish to be a Luddite, living in a cave). This has happened with banks, cable companies, Internet providers, the freaking government, practically every computer gaming company and/or computer-related entity. And usually we find out through some cryptic message of "you need to change your password cause something may or may not have happened". It's really frustrating.